TCP veto: A novel network attack and its Application to SCADA protocols

  • John T. Hagen, Barry E. Mullins
  • Published 15 April 2013
  • Computer Science
  • 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT)
TCP veto is a detection-resistant variation of the TCP connection hijacking attack. While not limited to SCADA protocols, Modbus TCP, the Ethernet Industrial Protocol (EtherNet/IP), and the Distributed Network Protocol (DNP3) each meet the necessary assumptions of the attack. Experimental results reveal that the integrity of messages transmitted using each of the three SCADA protocols is vulnerable to TCP veto. Additionally, TCP veto produces up to 600 times less network traffic during its… 
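The abstract does not spell out the mechanism. The following Python model is an added illustration, not code from the paper or from this page. It reproduces what Hagen and Mullins call TCP veto (taken from the paper itself, not stated above): the attacker injects a segment carrying the same sequence number and payload length as a genuine in-flight segment, the receiver accepts the forgery first and then silently discards the genuine copy as a duplicate, and the connection stays in sync, so there is no ACK storm to notice. For contrast it also runs a classic injection that changes the segment length and desynchronises the stream, and it includes a simple passive detector keyed on (seq, len). The Modbus TCP "write single register" frames are constructed sample data; the receiver model (in-order delivery, no window, no timers) and the detector are this example's own assumptions.

```python
"""Receiver-side model of TCP veto vs. a classic length-changing injection,
plus a detection check. Added example, not code from the paper or this page.
Mechanism (from Hagen & Mullins, not stated in the abstract above): the attacker
injects a segment with the SAME sequence number and payload length as a genuine
in-flight segment; the receiver accepts the forgery first and then drops the
genuine copy as a duplicate, so the connection stays in sync and no ACK storm
follows. The receiver here is simplified: in-order delivery, no window, no timers.
"""
import hashlib
import struct
from dataclasses import dataclass, field


@dataclass
class Segment:
    seq: int
    payload: bytes


@dataclass
class Receiver:
    """Minimal TCP receiver: accepts data at rcv_nxt, drops anything else."""
    rcv_nxt: int
    delivered: list = field(default_factory=list)
    dup_dropped: int = 0    # segments below rcv_nxt, silently discarded
    out_of_order: int = 0   # segments above rcv_nxt (stream desynchronised)

    def receive(self, seg: Segment) -> str:
        if seg.seq == self.rcv_nxt:
            self.delivered.append(seg.payload)
            self.rcv_nxt += len(seg.payload)
            return "accepted"
        if seg.seq < self.rcv_nxt:
            self.dup_dropped += 1
            return "duplicate"
        self.out_of_order += 1
        return "out_of_order"


def modbus_write_single_register(tid: int, unit: int, addr: int, value: int) -> bytes:
    """Constructed sample payload: Modbus TCP request, MBAP header + function 0x06 PDU.
    MBAP = transaction id, protocol id (0), remaining length, unit id; PDU = fc, addr, value."""
    pdu = struct.pack(">BHH", 0x06, addr, value)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def run_stream(forged_payload: bytes, n_follow: int = 3, seq0: int = 1000) -> Receiver:
    """One forged segment races a genuine one at seq0, then n_follow genuine segments.
    The genuine sender numbers its stream from its own 12-byte request, not the forgery."""
    genuine0 = modbus_write_single_register(1, 1, 0x0010, 500)
    rx = Receiver(rcv_nxt=seq0)
    rx.receive(Segment(seq0, forged_payload))   # attacker wins the race
    rx.receive(Segment(seq0, genuine0))         # genuine copy arrives second
    seq = seq0 + len(genuine0)
    for tid in range(2, 2 + n_follow):
        rx.receive(Segment(seq, modbus_write_single_register(tid, 1, 0x0010, 500)))
        seq += len(genuine0)
    return rx


class VetoDetector:
    """Passive check (assumption of this example): a genuine retransmission repeats
    the same bytes at the same (seq, len); a veto forgery cannot, so a differing
    payload digest for an already-seen (seq, len) is an alert."""

    def __init__(self) -> None:
        self.seen: dict = {}
        self.alerts: list = []

    def observe(self, seg: Segment) -> int:
        key = (seg.seq, len(seg.payload))
        digest = hashlib.sha256(seg.payload).hexdigest()
        if self.seen.setdefault(key, digest) != digest:
            self.alerts.append(f"seq={seg.seq} len={len(seg.payload)}: retransmitted bytes differ")
        return len(self.alerts)


if __name__ == "__main__":
    forged = modbus_write_single_register(1, 1, 0x0010, 0)       # same length, value 500 -> 0
    veto = run_stream(forged)
    hijack = run_stream(forged + b"\x00")                        # one byte longer: desync
    print("veto:   delivered", len(veto.delivered), "dup", veto.dup_dropped, "ooo", veto.out_of_order)
    print("hijack: delivered", len(hijack.delivered), "dup", hijack.dup_dropped, "ooo", hijack.out_of_order)
    det = VetoDetector()
    det.observe(Segment(1000, forged))
    det.observe(Segment(1000, modbus_write_single_register(1, 1, 0x0010, 500)))
    print(det.alerts)
```

In the veto run the receiver delivers the forged register value and every later genuine request, with exactly one silently dropped duplicate as the only trace; in the length-changing run the later genuine segments all land out of order and the stream stalls, which is the condition that drives the retransmission and ACK-storm traffic of a classic hijack (the storm itself is not modelled here, only the desynchronisation that causes it). The detector keys on the exact (seq, len) pair; real stacks may coalesce or re-segment retransmissions, so a production version should compare overlapping byte ranges rather than exact keys to keep false positives down.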

Security Evaluation of the Adaptive Congestion Control Algorithms for Virtual Data Center Communication
An in-depth evaluation of the congestion control algorithms slow start, congestion avoidance, fast retransmit and fast recovery is provided to demonstrate that, even though they are implemented in a wide variety of networks, these algorithms are deficient in a number of ways.
Detecting Network Attack Vectors On SCADA Specific Network Operating On Modbus TCP/IP Protocol
Much research is being carried out to detect and mitigate the effect of network attacks on SCADA-specific networks, but one must also consider the significance of attacks carried out inside the secured perimeter of the controlled systems, called "insider attacks".
Transmission Control Protocol Performance Monitoring for Simulated Wired University Computer Network using OPNET
Wired connections reach all computer network users at fixed points to maintain higher throughput (Mbps) and ensure reliable communications between all the campus network nodes, as well as to increase overall network performance, taking into account future expansions of the university campus network design.
Security assessment framework for cyber physical systems: A case-study of DNP3 protocol
This paper investigates the resilience of DNP3 to attacks such as passive network reconnaissance, baseline response replay, rogue interloper, event buffer flooding and TCP veto, and concludes with comments on a new set of improper input validation vulnerabilities.
Security Implications of Transport Layer Protocols in Power Grid Synchrophasor Data Communication
This work examines the communication between synchrophasors and phasor data concentrators to analyze potential security vulnerabilities present at the transport layer, and investigates the advantages and disadvantages of both the TCP and UDP protocols, respectively, with an emphasis on security issues.
Performance impact of IPsec in resource-limited smart grid communication
  • B. Hirschler, T. Sauter
  • Computer Science
    2016 IEEE World Conference on Factory Communication Systems (WFCS)
  • 2016
The experimental results show that the influence of security features on the processing time of IPv6 packets is below one millisecond, which should be feasible for many smart grid applications, and a lean measurement setup is employed which can be used even on devices with limited processing power without influencing the measurement results too much.
An Intrusion Detection Method for Line Current Differential Relays
This paper unveils that such susceptibilities can result in unwarranted trip signals through false data injection attacks (FDIAs), and so cause instability if several attacks are coordinated, and presents a solution for detecting FDIAs and distinguishing them from real internal faults.
ICS3Fuzzer: A Framework for Discovering Protocol Implementation Bugs in ICS Supervisory Software by Fuzzing
This work presents a fuzzing framework to automatically discover implementation bugs residing in the communication protocols between the supervisory software and the field devices, and proposes a state selection algorithm to find the protocol states that are more likely to have bugs.
FieldFuzz: Enabling vulnerability discovery in Industrial Control Systems supply chain using stateful system-level fuzzing
FieldFuzz, a methodology for discovering supply chain vulnerabilities in every PLC component using stateful black-box fuzzing without requiring a real device, is implemented, and its cross-platform applicability is studied.
Development of a Cyber-Resilient Line Current Differential Relay
The impacts of false data injection attacks (FDIAs) on the performance of LCDRs are investigated and a technique for detecting FDIAs against LCDRs and differentiating them from actual faults in two-terminal lines is proposed.


A Simple Active Attack Against TCP
An active attack against the Transport Control Protocol is described which allows a cracker to redirect the TCP stream through his machine thereby permitting him to bypass the protection offered by such a system as a one-time password or ticketing authentication.
The Case for Ubiquitous Transport-Level Encryption
Tcpcrypt is a TCP extension designed to make end-to-end encryption of TCP traffic the default, not the exception, and provides backwards compatibility with legacy TCP stacks and middle-boxes, and minimizes the cost of key negotiation on servers.
Secure authentication for DNP3
  • G. Gilchrist
  • Computer Science
    2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century
  • 2008
This paper provides an overview of the secure authentication specification for DNP3. It summarizes the purpose and operation of the protocol and discusses the current state of the specification. Some